diff --git a/2020/25xxx/CVE-2020-25010.json b/2020/25xxx/CVE-2020-25010.json index 69ea83d0627..99625775bfb 100644 --- a/2020/25xxx/CVE-2020-25010.json +++ b/2020/25xxx/CVE-2020-25010.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25010", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25010", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary code execution vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to upload a malicious script file by constructing a POST type request and writing a payload in the request parameters as an instruction to write a file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/AnfieldQi/CVE_list/blob/master/CVE-2020-25010.md", + "url": "https://github.com/AnfieldQi/CVE_list/blob/master/CVE-2020-25010.md" + }, + { + "refsource": "MISC", + "name": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-55990", + "url": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-55990" } ] } diff --git a/2020/25xxx/CVE-2020-25011.json b/2020/25xxx/CVE-2020-25011.json index b8e16f864bc..1f446c29475 100644 --- a/2020/25xxx/CVE-2020-25011.json +++ b/2020/25xxx/CVE-2020-25011.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-25011", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-25011", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A sensitive information disclosure vulnerability in Kyland KPS2204 6 Port Managed Din-Rail Programmable Serial Device Servers Software Version:R0002.P05 allows remote attackers to get username and password by request /cgi-bin/webadminget.cgi script via the browser." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-55988", + "url": "https://www.cnvd.org.cn/flaw/show/CNVD-2020-55988" + }, + { + "refsource": "MISC", + "name": "https://github.com/AnfieldQi/CVE_list/blob/master/CVE-2020-25011.md", + "url": "https://github.com/AnfieldQi/CVE_list/blob/master/CVE-2020-25011.md" } ] } diff --git a/2020/35xxx/CVE-2020-35123.json b/2020/35xxx/CVE-2020-35123.json index cbcd1d78f11..4d9372e2ca0 100644 --- a/2020/35xxx/CVE-2020-35123.json +++ b/2020/35xxx/CVE-2020-35123.json @@ -1,17 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-35123", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-35123", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Zimbra Collaboration Suite Network Edition versions < 9.0.0 P10 and 8.8.15 P17, there exists an XXE vulnerability in the saml consumer store extension, which is vulnerable to XXE attacks. This has been fixed in Zimbra Collaboration Suite Network edition 9.0.0 Patch 10 and 8.8.15 Patch 17." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Security_Center", + "url": "https://wiki.zimbra.com/wiki/Security_Center" + }, + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories" + }, + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P10", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/9.0.0/P10" + }, + { + "refsource": "CONFIRM", + "name": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P17", + "url": "https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P17" } ] } diff --git a/2020/35xxx/CVE-2020-35483.json b/2020/35xxx/CVE-2020-35483.json new file mode 100644 index 00000000000..abc1e757a05 --- /dev/null +++ b/2020/35xxx/CVE-2020-35483.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2020-35483", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file